We're partnered with a leading electrical power company that is looking to add an Information Security Compliance Analyst to their growing security team!
This person is responsible for ensuring that the organization adheres to cybersecurity regulations and internal policies by administering controls, investigating variances, and supporting audit processes to maintain compliance with various regulatory requirements. It's an exciting next step for someone looking to increase visibility and impact across an organization.
Key Responsibilities:
- Implement and manage cybersecurity controls to ensure compliance with regulatory rule sets and internal policies.
- Monitor adherence to established protocols and standards, such as NERC-CIP, PCI, and SOX.
- Identify and investigate discrepancies or variances in compliance, escalating issues as necessary and collaborating on remediation process.
- Document evidence related to compliance activities, audits, and incidents.
- Support internal and external audit processes by providing necessary evidence and records.
- Ensure compliance with relevant regulatory requirements - including ERCOT and NERC-CIP - and prepare regulatory reports and Requests For Information.
- Implement operational best practices and drive process efficiency through automation and continuous improvement.
- Collaborate with process owners and stakeholders to ensure effective control performance.
- Document processes and controls related to cybersecurity and compliance.
Preferred Qualifications:
- Bachelor's degree in Business, Technology, or a related field is strongly preferred
- Relevant certifications such as CISM, CISA, CISSP, etc.
- Proficiency in coding languages such as PowerShell, Python, C++ or Ruby)
- Knowledge of application development and technology key controls.
- Understanding of compliance standards and frameworks including NERC CIP, ISO 27001, NIST 800-53, SOX, PCI, NACHA, and NRC.
- Strong critical thinking and problem-solving abilities, and experience with Agile framework methodologies.
- Familiarity with ICS devices, generation assets, and transmission assets is a plus!
If interested in learning more, please apply directly!
**Location preference is to work hybrid out of the Dallas Metro office location 3 days a week; candidates who are willing to accommodate this will be prioritized over fully remote candidates. Relocation assistance is available.